///*
//Copyright [2020] [https://www.stylefeng.cn]
//
//Licensed under the Apache License, Version 2.0 (the "License");
//you may not use this file except in compliance with the License.
//You may obtain a copy of the License at
//
//  http://www.apache.org/licenses/LICENSE-2.0
//
//Unless required by applicable law or agreed to in writing, software
//distributed under the License is distributed on an "AS IS" BASIS,
//WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//See the License for the specific language governing permissions and
//limitations under the License.
//
//Guns采用APACHE LICENSE 2.0开源协议，您在使用过程中，需要注意以下几点：
//
//1.请不要删除和修改根目录下的LICENSE文件。
//2.请不要删除和修改Guns源码头部的版权声明。
//3.请保留源码和相关描述文件的项目出处，作者声明等。
//4.分发源码时候，请注明软件出处 https://gitee.com/stylefeng/guns-separation
//5.在修改包名，模块名称，项目代码等时，请注明软件出处 https://gitee.com/stylefeng/guns-separation
//6.若您的项目无法满足以上几点，可申请商业授权，获取Guns商业授权许可，请在官网购买授权，地址为 https://www.stylefeng.cn
// */
//package cn.stylefeng.guns.sys.config;
//
//import cn.hutool.core.util.StrUtil;
//import cn.stylefeng.guns.core.consts.SpringSecurityConstant;
//import cn.stylefeng.guns.sys.core.filter.security.CaptchaValidateFilter;
//import cn.stylefeng.guns.sys.core.filter.security.JwtAuthenticationTokenFilter;
//import cn.stylefeng.guns.sys.core.filter.security.entrypoint.JwtAuthenticationEntryPoint;
//import cn.stylefeng.guns.sys.modular.auth.service.impl.AuthServiceImpl;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.core.env.Environment;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;
//import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
//import org.springframework.web.cors.CorsConfiguration;
//import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
//import org.springframework.web.filter.CorsFilter;
//
//import jakarta.annotation.Resource;
//
///**
// * SpringSecurity配置
// *
// * @author xuyuxiang
// * @date 2020/3/18 10:54
// */
//@Configuration
//public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Resource
//    private AuthServiceImpl authService;
//
//    @Resource
//    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
//
//    @Autowired
//    private CaptchaValidateFilter captchaValidateFilter;
//
//    @Resource
//    private JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint;
//
//    @Autowired
//    private Environment env;
//
//    /**
//     * 开启跨域访问拦截器
//     *
//     * @author stylefeng
//     * @date 2020/4/29 9:50
//     */
//    @Bean
//    public CorsFilter corsFilter() {
//        CorsConfiguration corsConfiguration = new CorsConfiguration();
//        String allowOrigin = env.getProperty("allow-origin");
//        if(StrUtil.isEmpty(allowOrigin)){
//            allowOrigin="*";
//        }
//        corsConfiguration.addAllowedOrigin(allowOrigin);
//        corsConfiguration.addAllowedHeader("*");
//        corsConfiguration.addAllowedMethod("*");
//
//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
//        source.registerCorsConfiguration("/**", corsConfiguration);
//        return new CorsFilter(source);
//    }
//
//    @Override
//    protected void configure(HttpSecurity httpSecurity) throws Exception {
//
//        //开启模拟请求，比如API POST测试工具的测试，不开启时，API POST为报403错误
//        httpSecurity.csrf().disable();
//
//        //开启跨域访问
//        httpSecurity.cors();
//
//        //不使用默认退出，自定义退出
//        httpSecurity.logout().disable();
//
//        //未授权时访问须授权的资源端点
//        httpSecurity.exceptionHandling().authenticationEntryPoint(jwtAuthenticationEntryPoint);
//
//        //放开一些接口的权限校验
//        for (String notAuthResource : SpringSecurityConstant.NONE_SECURITY_URL_PATTERNS) {
//            httpSecurity.authorizeRequests().antMatchers(notAuthResource).permitAll();
//        }
//
//        //其余的都需授权访问
//        httpSecurity.authorizeRequests().anyRequest().authenticated();
//
//        //图片验证码过滤器
//        httpSecurity.addFilterBefore(captchaValidateFilter, UsernamePasswordAuthenticationFilter.class);
//
//        //前置token过滤器
//        httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
//
//        //用户详情service
//        httpSecurity.userDetailsService(authService);
//
//        //全局不创建session
//        httpSecurity.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//
//        //禁用页面缓存，返回的都是json
//        httpSecurity.headers()
//                .frameOptions().disable()
//                .cacheControl();
//    }
//
//}
